Hackers demand a $2.6 ransom to return the details of the 143m people they stole

If you are living in the US, there is a 50% chance you have been affected by the Equifax data breach. According to reports 1 in every 2 American adults has been compromised putting their most sensitive personal information including social security numbers, birthdays, addresses, and driver’s license numbers into the hands of the cybercriminals behind the attack.

The breach itself happened sometime between May and July but was only recognised by Equifax on July 29th. The reason they were targeted is simple. Equifax are one of the three largest credit reporting companies in the US and, as such, hold a wealth of data, all of the details required to open – legitimately or otherwise – new credit card accounts.

With all of that at stake, cybersecurity experts are asking themselves whether the apparent ease with which the criminals involved were able to access so much data is a result of a less than stringent approach to cybersecurity on the part of Equifax or a timely warning as to just how sophisticated today’s hackers have become.

The answer to that question could lie in Equifax’s reaction. They have offered to check whether individual clients have been affected but only in return for that client’s promise that they will not take any legal action against the organisation. In addition as yet unsubstantiated reports have surfaced suggesting some members of staff sold stock in the company (allegedly worth $18m) just before the hack was made public.

The hackers have now made a ransom demand stating that they:

“… are two people trying to solve our lives and those of our families. We did not expect to get as much information as we did, nor do we want to affect any citizen. But we need to monetize the information as soon as possible.”

According to their demands, they value that monetization at $2.6m and, if that sum isn’t paid by September 15th, they have threatened to make the majority of the data public but would keep the credit card details back, possibly so they can sell that more valuable data for an even greater profit.

Some industry figures have been quick to use this as yet another example as to why cryptocurrencies should be looked at as a viable replacement to the more traditional and established procedures. They don’t require credit and there is no trust so they don’t need clearinghouses or credit checking agencies so therefore there won’t be a central pot of data to hack.

Meanwhile the keys required to complete a transaction are secure as long as those involved keep them confidential and, due to the way it has been set up, the blockchain offers everyone involved in a deal total transparency at every stage making it harder for criminals to operate within a transaction.

However one only has to stay abreast of the news to realise cryptocurrency and the blockchain are in no way fool proof. Cybercriminals continue to successfully implement a growing list of frauds and scams designed to take money from victims willing to believe these new technologies really are totally secure.

If you feel your personal details may have been compromised or have lost money as a result of any type of digital fraudand want to discuss what to do next, call us today on 020 7792 5649 or email us at info@selachii.co.uk.